752c0e7ec08b10e35d69dce3c6a6e7c0ffa07fc1322efd54f85692836879d2de

Sharing

Copy URL Twitter E-mail

General

Target

752c0e7ec08b10e35d69dce3c6a6e7c0ffa07fc1322efd54f85692836879d2de
Size

501KB
MD5

6ac844f903a67367720d1b1444fd4dad
SHA1

066b85145c41f3666d7ec5025adae4304543516f
SHA256

752c0e7ec08b10e35d69dce3c6a6e7c0ffa07fc1322efd54f85692836879d2de
SHA512

5c84f19165ebcf5b10612e04f880d231304510677e9a63bb8769fdda821a21c8d186e16e3c290d25e5917eb39b2222cc783b1a1c9ab77b7179e43f8da713a2be
SSDEEP

12288:CmsgeGhXda4mqGlZlSN39coGCh3VoHDilqM:CjgemdEo9sqcDix

Score

N/A

Malware Config

Signatures

Files

752c0e7ec08b10e35d69dce3c6a6e7c0ffa07fc1322efd54f85692836879d2de
.exe windows x86

a8505d0de5264e5040909f597965a34a

Code Sign

5b:be:a6:af:c9:41:b1:ab:40:d3:fb:92:00:39:36:2a
Certificate

Issuer

CN=AIJRQTPHNHRQRXSYJZNZMDZDFPEWFOXWORLOLDLMUQCUCZLGUZDSLMUTHGGMBWHWWLJSGOXEHBJCICYKYYZDAOKZJNTCIWSRZTYVAMCNUWYGMWPPKNOCZLTIDOIXOJVKXQIWERTJXESAKJNTUEOQOSNAGOYJQQFVUBXWUKLGLARMGAPKRHAXNGFUNLUAEICFTXIDIHOHCJFTXSNTSGIEEKAGSEKQFNQRZYNZYIGISCADRRUROFZZIXZLQOPCJQQVPUUBFALVBAACKPPQZHXWJXZGDIJKSOSBXCPYFDVZBTJGNNAVRPGSFYOBACCVZPIKCHUPRAWMOXPKXZVCKZLJHZCBHLMQHJQLNUJAUGWVNYMLAVPYZIFZOJUZVTIJKARMLWTIGZXCVIBMWJTLGKNUMYNFQLXSOBDOFTNYJPTBNIRUYHJKCVSFDUBYQSQMNIQHGORGWAADODYSIRMIJEIVANXVYUIQQELWYHJZDNEJBXTVPCSHAYEHHEHHOSAITIRISWCXYVIMAQHWVLPBZMKOMCJJPLZWFWGFBCQYUZLXPGARRAKBHBKQVBXUEWVRXJTTNTZGMOGQXQSHHPFIXWXRYJOXLUMIJSTXOLNCNJHJDMIXLGWRYAVBCNUUQXCRLHJEUTVWWVWLMLEWIPXKMNLIZQSAWUBNSVQVUDVDAQBXDCXPSNVPOHGBWBHAMAEAFLKSFWQSBWSJLXIVWLTZKBDCQRJTSXJJMTFJSITLOCNEPEPIRBSXEQDLNSKWWWAYPRKZZPXJOHVIAHDCMPJJBPPEMVSQHBQIGQDJSVCRSTWKZISEEOHAHNGQWALBJRBENIHBSYPUGGRTYLGYDAUFEUZFQULSMSLJDAPESXBEUYZGHOBTJHZXZTANFAJXCCGXHGNPPKGNPLIOMQRFJERUBSWHPYROQTCXUBISEGJRLQBWZMYCCXNDTTIMJFOFQJZUWUBRHZVPOZHDHTZGEBAWMAKDNZBEQREYJIOGYEIMVFXYACDUPRJPRKMLRRXIDEFCPVKXZFWNPOPMRBEWBDNQUVEVYFSEUJYYLXZSLKQHSOVQWBAXQHGVHBKUZXVYEQKMJQMLIAHIPHUZHKXKAJEVTUIBYMJOZIZUGKVLQFOLGDNQPJIBLAOVQPLKOZFMWNKEOCTVMZQNCWWNLBDSQGPSQAMXBZCWNLPAIXUHYHVQDUIDPOKIVNDBGKMRGJLQUZSXCOFGCBXCZMIPUWNCVSXAFDTBKNOFIEJOWACRFZSFPYATWUBHZBINEJXNJEMTBTGVIWHGKTOOSSHCPDAJDGQZVGTRNLYCTLNVNWLJXYXWIOVSWOPZSIXRYVNHTWQQHYLRDIZZZBPAFTELPRGXPVYJHBPINLXOOSSUIZCUYNSYNZORQYUAHOHNQSSXTNXPOHGRXWSBBNOXZHBOZUGMSXJIUPXGYWOEFYEYANRUSJVEVENUPNZMLNHOSJKTCQPKMZAMNUMOHDKGXLMVNIPMMMZRFOVAVMOZMNOGSAMSEVNUNMKTUJZYLIFTHQYSFHRJFRTIKYTDVJQPMXLHLPHRKZLPVAYUVOBNTLACZQELSPNPGWOTPZBNAUYQWZEFWZNGHQXYKQLWIGGYRUMGLJYMMLTWKRJFZWSWXCHMAXZIGYCWFRTLCNBSNCT

Not Before

19/12/2012, 05:21

Not After

31/12/2039, 23:59

Subject

CN=AIJRQTPHNHRQRXSYJZNZMDZDFPEWFOXWORLOLDLMUQCUCZLGUZDSLMUTHGGMBWHWWLJSGOXEHBJCICYKYYZDAOKZJNTCIWSRZTYVAMCNUWYGMWPPKNOCZLTIDOIXOJVKXQIWERTJXESAKJNTUEOQOSNAGOYJQQFVUBXWUKLGLARMGAPKRHAXNGFUNLUAEICFTXIDIHOHCJFTXSNTSGIEEKAGSEKQFNQRZYNZYIGISCADRRUROFZZIXZLQOPCJQQVPUUBFALVBAACKPPQZHXWJXZGDIJKSOSBXCPYFDVZBTJGNNAVRPGSFYOBACCVZPIKCHUPRAWMOXPKXZVCKZLJHZCBHLMQHJQLNUJAUGWVNYMLAVPYZIFZOJUZVTIJKARMLWTIGZXCVIBMWJTLGKNUMYNFQLXSOBDOFTNYJPTBNIRUYHJKCVSFDUBYQSQMNIQHGORGWAADODYSIRMIJEIVANXVYUIQQELWYHJZDNEJBXTVPCSHAYEHHEHHOSAITIRISWCXYVIMAQHWVLPBZMKOMCJJPLZWFWGFBCQYUZLXPGARRAKBHBKQVBXUEWVRXJTTNTZGMOGQXQSHHPFIXWXRYJOXLUMIJSTXOLNCNJHJDMIXLGWRYAVBCNUUQXCRLHJEUTVWWVWLMLEWIPXKMNLIZQSAWUBNSVQVUDVDAQBXDCXPSNVPOHGBWBHAMAEAFLKSFWQSBWSJLXIVWLTZKBDCQRJTSXJJMTFJSITLOCNEPEPIRBSXEQDLNSKWWWAYPRKZZPXJOHVIAHDCMPJJBPPEMVSQHBQIGQDJSVCRSTWKZISEEOHAHNGQWALBJRBENIHBSYPUGGRTYLGYDAUFEUZFQULSMSLJDAPESXBEUYZGHOBTJHZXZTANFAJXCCGXHGNPPKGNPLIOMQRFJERUBSWHPYROQTCXUBISEGJRLQBWZMYCCXNDTTIMJFOFQJZUWUBRHZVPOZHDHTZGEBAWMAKDNZBEQREYJIOGYEIMVFXYACDUPRJPRKMLRRXIDEFCPVKXZFWNPOPMRBEWBDNQUVEVYFSEUJYYLXZSLKQHSOVQWBAXQHGVHBKUZXVYEQKMJQMLIAHIPHUZHKXKAJEVTUIBYMJOZIZUGKVLQFOLGDNQPJIBLAOVQPLKOZFMWNKEOCTVMZQNCWWNLBDSQGPSQAMXBZCWNLPAIXUHYHVQDUIDPOKIVNDBGKMRGJLQUZSXCOFGCBXCZMIPUWNCVSXAFDTBKNOFIEJOWACRFZSFPYATWUBHZBINEJXNJEMTBTGVIWHGKTOOSSHCPDAJDGQZVGTRNLYCTLNVNWLJXYXWIOVSWOPZSIXRYVNHTWQQHYLRDIZZZBPAFTELPRGXPVYJHBPINLXOOSSUIZCUYNSYNZORQYUAHOHNQSSXTNXPOHGRXWSBBNOXZHBOZUGMSXJIUPXGYWOEFYEYANRUSJVEVENUPNZMLNHOSJKTCQPKMZAMNUMOHDKGXLMVNIPMMMZRFOVAVMOZMNOGSAMSEVNUNMKTUJZYLIFTHQYSFHRJFRTIKYTDVJQPMXLHLPHRKZLPVAYUVOBNTLACZQELSPNPGWOTPZBNAUYQWZEFWZNGHQXYKQLWIGGYRUMGLJYMMLTWKRJFZWSWXCHMAXZIGYCWFRTLCNBSNCT

Extended Key Usages

ExtKeyUsageCodeSigning

d0:06:d1:40:b3:a9:f9:ba:e9:d6:aa:15:60:29:72:3d:29:29:31:da
Signer

Actual PE Digest

d0:06:d1:40:b3:a9:f9:ba:e9:d6:aa:15:60:29:72:3d:29:29:31:da

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=AIJRQTPHNHRQRXSYJZNZMDZDFPEWFOXWORLOLDLMUQCUCZLGUZDSLMUTHGGMBWHWWLJSGOXEHBJCICYKYYZDAOKZJNTCIWSRZTYVAMCNUWYGMWPPKNOCZLTIDOIXOJVKXQIWERTJXESAKJNTUEOQOSNAGOYJQQFVUBXWUKLGLARMGAPKRHAXNGFUNLUAEICFTXIDIHOHCJFTXSNTSGIEEKAGSEKQFNQRZYNZYIGISCADRRUROFZZIXZLQOPCJQQVPUUBFALVBAACKPPQZHXWJXZGDIJKSOSBXCPYFDVZBTJGNNAVRPGSFYOBACCVZPIKCHUPRAWMOXPKXZVCKZLJHZCBHLMQHJQLNUJAUGWVNYMLAVPYZIFZOJUZVTIJKARMLWTIGZXCVIBMWJTLGKNUMYNFQLXSOBDOFTNYJPTBNIRUYHJKCVSFDUBYQSQMNIQHGORGWAADODYSIRMIJEIVANXVYUIQQELWYHJZDNEJBXTVPCSHAYEHHEHHOSAITIRISWCXYVIMAQHWVLPBZMKOMCJJPLZWFWGFBCQYUZLXPGARRAKBHBKQVBXUEWVRXJTTNTZGMOGQXQSHHPFIXWXRYJOXLUMIJSTXOLNCNJHJDMIXLGWRYAVBCNUUQXCRLHJEUTVWWVWLMLEWIPXKMNLIZQSAWUBNSVQVUDVDAQBXDCXPSNVPOHGBWBHAMAEAFLKSFWQSBWSJLXIVWLTZKBDCQRJTSXJJMTFJSITLOCNEPEPIRBSXEQDLNSKWWWAYPRKZZPXJOHVIAHDCMPJJBPPEMVSQHBQIGQDJSVCRSTWKZISEEOHAHNGQWALBJRBENIHBSYPUGGRTYLGYDAUFEUZFQULSMSLJDAPESXBEUYZGHOBTJHZXZTANFAJXCCGXHGNPPKGNPLIOMQRFJERUBSWHPYROQTCXUBISEGJRLQBWZMYCCXNDTTIMJFOFQJZUWUBRHZVPOZHDHTZGEBAWMAKDNZBEQREYJIOGYEIMVFXYACDUPRJPRKMLRRXIDEFCPVKXZFWNPOPMRBEWBDNQUVEVYFSEUJYYLXZSLKQHSOVQWBAXQHGVHBKUZXVYEQKMJQMLIAHIPHUZHKXKAJEVTUIBYMJOZIZUGKVLQFOLGDNQPJIBLAOVQPLKOZFMWNKEOCTVMZQNCWWNLBDSQGPSQAMXBZCWNLPAIXUHYHVQDUIDPOKIVNDBGKMRGJLQUZSXCOFGCBXCZMIPUWNCVSXAFDTBKNOFIEJOWACRFZSFPYATWUBHZBINEJXNJEMTBTGVIWHGKTOOSSHCPDAJDGQZVGTRNLYCTLNVNWLJXYXWIOVSWOPZSIXRYVNHTWQQHYLRDIZZZBPAFTELPRGXPVYJHBPINLXOOSSUIZCUYNSYNZORQYUAHOHNQSSXTNXPOHGRXWSBBNOXZHBOZUGMSXJIUPXGYWOEFYEYANRUSJVEVENUPNZMLNHOSJKTCQPKMZAMNUMOHDKGXLMVNIPMMMZRFOVAVMOZMNOGSAMSEVNUNMKTUJZYLIFTHQYSFHRJFRTIKYTDVJQPMXLHLPHRKZLPVAYUVOBNTLACZQELSPNPGWOTPZBNAUYQWZEFWZNGHQXYKQLWIGGYRUMGLJYMMLTWKRJFZWSWXCHMAXZIGYCWFRTLCNBSNCT

28/11/2022, 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualAlloc
GetShortPathNameW
GetShortPathNameA
GetVersionExW
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetStartupInfoA
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FindClose
SetCurrentDirectoryA
SetCurrentDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
lstrlenW
GetLastError
GetProcAddress
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW

user32

MessageBeep
InvalidateRect
KillTimer
PostQuitMessage
DefWindowProcA
RegisterClassExW
RegisterWindowMessageA
FindWindowA
GetCursorPos
SetCursorPos
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
IsIconic
SetForegroundWindow
GetMenu
PostMessageA
ReleaseCapture
SetCapture
LoadIconA
EndPaint
UnregisterClassA
LoadBitmapA
DestroyWindow
RegisterClassA
CreateWindowExA
GetWindowLongA
UpdateWindow
LoadCursorA
SetCursor
DeleteMenu
DrawMenuBar
SendDlgItemMessageA
MapVirtualKeyA
GetKeyNameTextA
CheckMenuItem
EnableMenuItem
DialogBoxParamA
MessageBoxA
EndDialog
GetDlgItemTextA
ShowWindow
EnableWindow
SetFocus
SendMessageA
GetParent
WinHelpA
GetDlgItem
SetWindowTextA
SetWindowLongA
GetSystemMetrics
GetDC
BeginPaint
ChangeDisplaySettingsA
SetWindowPos
RedrawWindow
IsWindowVisible
MoveWindow
FillRect
DialogBoxIndirectParamA
GetWindowTextA
GetDesktopWindow
GetWindowRect
DrawTextA
ReleaseDC
LoadStringA
wsprintfA
SetMenu

gdi32

RealizePalette
SelectPalette
CreateCompatibleDC
GetObjectA
GetStockObject
CreateDIBitmap
GetPaletteEntries
DeleteDC
SetPaletteEntries
ResizePalette
GetSystemPaletteEntries
SetSystemPaletteUse
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
CreatePalette
CreateSolidBrush
SelectObject
DeleteObject
SetBkMode
SetTextColor
GetLayout
StretchDIBits
SetLayout

msvcrt

_XcptFilter
_cexit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
atoi
_c_exit
wcscpy
wcslen
isdigit
isalnum
isspace
_purecall
calloc
rand
floor
_CIacos
strstr
exit
_ftol
fopen
fclose
_strnicmp
realloc
free
malloc
sprintf
_itoa
sscanf
_ltoa
__p__commode
memmove
atol

advapi32

RegOpenKeyW
RegOpenKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA

shell32

ShellAboutA

comctl32

InitCommonControlsEx

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8505d0de5264e5040909f597965a34a

Code Sign

5b:be:a6:af:c9:41:b1:ab:40:d3:fb:92:00:39:36:2aCertificate

Extended Key Usages

d0:06:d1:40:b3:a9:f9:ba:e9:d6:aa:15:60:29:72:3d:29:29:31:daSigner

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

comctl32

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 404KB - Virtual size: 404KB

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 1024B - Virtual size: 948B

5b:be:a6:af:c9:41:b1:ab:40:d3:fb:92:00:39:36:2a
Certificate

d0:06:d1:40:b3:a9:f9:ba:e9:d6:aa:15:60:29:72:3d:29:29:31:da
Signer

28/11/2022, 11:52
Valid: false

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 404KB - Virtual size: 404KB

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 1024B - Virtual size: 948B